Report - vitalhealthcareaus-my.sharepoint.com

Report Overview

Submitted URL
vitalhealthcareaus-my.sharepoint.com
IP
13.107.138.9
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2023-01-23 01:46:32
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
vitalhealthcareaus-my.sharepoint.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	9.5 kB	13.107.136.9
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	62 kB	34.120.237.76
login.microsoftonline.com	25	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	52 kB	20.190.159.1
login.live.com	79	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	1.9 kB	40.126.32.73
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.203.75.56
aadcdn.msauth.net	1421	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	304 kB	13.107.238.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f	25 kB	2023-03-13	2023-03-13
Pretty URL login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f IP 20.190.159.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 05:53:25 Last Seen2023-03-13 05:53:25 Times Seen1 Hash b3131d54ecd24764c0ab071dc9d9722b bd721aa46046e9023ebcf7fcaaa6647fd5cc1581 12b8e98cc23646d9ce6225e021a1dce07092fb5c43e87843c697b014395375af Loading...

	login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f	12 kB	2023-03-08	2024-01-26
Pretty URL login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f IP 20.190.159.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:34:32 Last Seen2024-01-26 19:58:02 Times Seen829 Hash 67fed99041ffb510ec6b9fa5f1fc7213 740ab73e6cffce4a2a4ae85bc784a5da07dfb478 f8ff4c5785ca4ec7dc40aeef00c47f68699d0b34329148a3aee0195f33323427 Loading...

	login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f	35 B	2023-03-07	2024-04-19
Pretty URL login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f IP 20.190.159.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-04-19 23:01:57 Times Seen46898 Hash 2badc56bc4d494e70d476b2e4efd31da 384c5f0842cd2f786b0acc4cb159b75ad3620d46 8684cc6fc8b42cd798a7e1416fda8af6cea601dca2ecd3a253acfd9649f58fcb Loading...

	login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f	4.0 kB	2023-03-09	2023-03-14
Pretty URL login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f IP 20.190.159.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:03:22 Last Seen2023-03-14 00:35:25 Times Seen1 Hash a193ad4846b72482789ab4173ccb4858 faa71ba0baa030be378a6192e502fc1806e048b5 c288378caab9a3c5f5eb3003dbabc356c8b1a4633e23841291aff388eb20db6f Loading...

	aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js	110 kB	2023-03-09	2023-03-14
Pretty URL aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:03:22 Last Seen2023-03-14 00:35:25 Times Seen1 Hash 7389f0d4cfa6b92a971b9b84d2609729 889052485919ade7609beb44660a11ad2a7ba3dc 4393c9a3f71c27bbf7fd0275513d128f1effdf2a88dbb4bf27c710daa30165ea Loading...

	aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js	401 kB	2023-03-09	2023-07-25
Pretty URL aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:03:23 Last Seen2023-07-25 21:18:16 Times Seen27 Hash b8a03fcb57e3a96bd891368531e8c865 858c9a8b07fb4a77bd0710a56870cbefbca1e6c0 6dc9810fa0a9551a31d7a5ad428952b917c211475113620a461cdb5efb2d5993 Loading...

	login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f	48 kB	2023-03-09	2023-03-13
Pretty URL login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f IP 20.190.159.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:03:22 Last Seen2023-03-13 13:30:52 Times Seen1 Hash a0de1f4293455cbab1b44a88e017d29a b2bafc59eb9ee3f7230a7133fe8304d955f461f6 e4a85459290ccf113364934811ee9cd59e1c69cf612de5a448f0944252232e3c Loading...

	login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f	351 B	2023-03-07	2024-03-18
Pretty URL login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f IP 20.190.159.1 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-03-18 15:59:31 Times Seen794 Hash 3c890f9b92423da2c3f6b98940e0f56f 69f72e87d6ddff7e2364230bb8d43c6f6b16a877 1a7ba79dac10aad7ef63eec3424d65c21881436cb7f5b44ba394268ed695d34d Loading...

	aadcdn.msauth.net/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js	190 kB	2023-03-09	2024-01-26
Pretty URL aadcdn.msauth.net/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:59:23 Last Seen2024-01-26 15:40:41 Times Seen100 Hash 6c97f18a6a1f816a13a364171abd0702 4b483319b748a694b5d593e1ca2102799e6acb63 9fe0a5db692ff67c7cd88490a7412c379ae767708e2cf8847d9a915dd6f19141 Loading...

HTTP Transactions (36)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash f416977a8d6dfaafb2dbfd0e68b871f8 dfa97bd829b03162de91c80133f2fde69b58a8d2 2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5" Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18311 Expires: Mon, 23 Jan 2023 06:51:32 GMT Date: Mon, 23 Jan 2023 01:46:21 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 4714c95a0c854e38f9be444f9343bf14 07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b 4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965" Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2820 Expires: Mon, 23 Jan 2023 02:33:21 GMT Date: Mon, 23 Jan 2023 01:46:21 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 17094b856fde02b2c8c2d3845ad325cf 26dc3f2ebf81faf5ab96eb75ffcbead6085528b8 6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16" Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7575 Expires: Mon, 23 Jan 2023 03:52:36 GMT Date: Mon, 23 Jan 2023 01:46:21 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash 14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 23 Jan 2023 01:42:34 GMT content-type: application/json age: 227 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: pR9SRPITd5fwmAY/1e9kJC4vr5qc84JL2uUXUk9s05R+xeBWT+JTQcerTuAavgcqttFm2w+az7D7vq1XQynXEw== x-amz-request-id: XXW1J2GWW4W4H553 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 23 Jan 2023 01:18:39 GMT age: 1662 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Mon, 23 Jan 2023 01:46:21 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	vitalhealthcareaus-my.sharepoint.com/	13.107.136.9	301 Moved Permanently	0 B
URL HTTP/1.1 vitalhealthcareaus-my.sharepoint.com/ IP 13.107.136.9:0 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET / HTTP/1.1 Host: vitalhealthcareaus-my.sharepoint.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` HTTP/1.1 301 Moved Permanently Location: https://vitalhealthcareaus-my.sharepoint.com/ P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" X-NetworkStatistics: 0,23360,0,0,4294967290,0,14600 X-DataBoundary: NONE X-1DSCollectorUrl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ X-AriaCollectorURL: https://browser.pipe.aria.microsoft.com/Collector/3.0/ SPRequestGuid: aee78ea0-d0a6-2000-12bc-52e560705875 request-id: aee78ea0-d0a6-2000-12bc-52e560705875 MS-CV: oI7nrqbQACASvFLlYHBYdQ.0 Report-To: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-OSL30r4A&frontEnd=AFD"}]} NEL: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} X-FRAME-OPTIONS: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com .powerapps.com .yammer.com .officeapps.live.com .office.com .stream.azure-test.net .microsoftstream.com .dynamics.com *.microsoft.com securebroker.sharepointonline.com; SPRequestDuration: 14 SPIisLatency: 0 X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 16.0.0.23304 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly X-Cache: CONFIG_NOCACHE X-MSEdge-Ref: Ref A: 8D7805685FE7465595B21EC6E8919409 Ref B: OSL30EDGE0407 Ref C: 2023-01-23T01:46:21Z Date: Mon, 23 Jan 2023 01:46:21 GMT Content-Length: 0

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 23 Jan 2023 01:17:30 GMT age: 1732 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.digicert.com/	93.184.220.29	200 OK	471 B
URL HTTP/1.1 ocsp.digicert.com/ IP 93.184.220.29:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 0c74880fa99032b5c3831c179d702419 0020b368309735c94d8053d3781a7efb7283cfc5 437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042 HTTP Headers `POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 3091 Cache-Control: max-age=115916 Content-Type: application/ocsp-response Date: Mon, 23 Jan 2023 01:46:22 GMT Etag: "63ccfca7-1d7" Expires: Tue, 24 Jan 2023 09:58:18 GMT Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT Server: ECS (ska/F6FC) X-Cache: HIT Content-Length: 471`

	push.services.mozilla.com/	54.203.75.56	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 54.203.75.56:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: +uPJtkesl52tThzGjCUqug== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 2VD8AyqCD10Hp9Nq8VN/EfHpXOI=`

	vitalhealthcareaus-my.sharepoint.com/	13.107.136.9	302 Found	202 B
URL HTTP/2 vitalhealthcareaus-my.sharepoint.com/ IP 13.107.136.9:0 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 202 B (202 bytes) Hash cd2985aaa573debf12fffc789b32488c 796d2e4ba08242493f7d614bf633e712dbacf600 e746be5eb7a2c233c4d228ff492a86d5da6bc40ad5ef6844128a86b3c4d98d65 HTTP Headers `GET / HTTP/1.1 Host: vitalhealthcareaus-my.sharepoint.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` HTTP/2 302 Found content-length: 202 content-type: text/html; charset=utf-8 location: https://vitalhealthcareaus-my.sharepoint.com/_layouts/15/Authenticate.aspx?Source=%2F p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" x-networkstatistics: 0,525568,0,0,771,0,24491 x-sharepointhealthscore: 1 x-databoundary: NONE x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/ sprequestguid: aee78ea0-00ee-2000-0117-35b5c513d705 request-id: aee78ea0-00ee-2000-0117-35b5c513d705 ms-cv: oI7nru4AACABFzW1xRPXBQ.0 report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-OSL30r4A&frontEnd=AFD"}]} nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} strict-transport-security: max-age=31536000 x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' teams.microsoft.com .teams.microsoft.com .skype.com .teams.microsoft.us local.teams.office.com .powerapps.com .yammer.com .officeapps.live.com .office.com .stream.azure-test.net .microsoftstream.com .dynamics.com *.microsoft.com securebroker.sharepointonline.com; sprequestduration: 42 spiislatency: 0 x-powered-by: ASP.NET microsoftsharepointteamservices: 16.0.0.23304 x-content-type-options: nosniff x-ms-invokeapp: 1; RequireReadOnly x-cache: CONFIG_NOCACHE x-msedge-ref: Ref A: B739E893D18A4A6EA17CAD6CE7BE469C Ref B: OSL30EDGE0307 Ref C: 2023-01-23T01:46:22Z date: Mon, 23 Jan 2023 01:46:22 GMT X-Firefox-Spdy: h2

	vitalhealthcareaus-my.sharepoint.com/_layouts/15/Authenticate.aspx?Source=%2F	13.107.136.9	302 Found	219 B
URL HTTP/2 vitalhealthcareaus-my.sharepoint.com/_layouts/15/Authenticate.aspx?Source=%2F IP 13.107.136.9:0 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 219 B (219 bytes) Hash 4498215d5b91de02c5ca027721ae2efe 9ac7664b39da9d721a5cc6423c6ae810c662e55b 3b42a7682f47bee4e72e8bb627ac963fa04972de7b6922b28640a404b29037c7 HTTP Headers GET /_layouts/15/Authenticate.aspx?Source=%2F HTTP/1.1 Host: vitalhealthcareaus-my.sharepoint.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers HTTP/2 302 Found cache-control: private content-length: 219 content-type: text/html; charset=utf-8 location: /_forms/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=cookie p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" set-cookie: RpsContextCookie=U291cmNlPSUyRg==; expires=Mon, 23-Jan-2023 01:56:23 GMT; path=/; SameSite=None; secure; HttpOnly x-networkstatistics: 0,525568,0,0,1077,0,26370 x-sharepointhealthscore: 1 x-aspnet-version: 4.0.30319 x-databoundary: NONE x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/ sprequestguid: afe78ea0-9000-2000-0117-322c3f28b69f request-id: afe78ea0-9000-2000-0117-322c3f28b69f ms-cv: oI7nrwCQACABFzIsPyi2nw.0 report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=00000000-0000-0000-0000-000000000000&destinationEndpoint=Edge-Prod-OSL30r4A&frontEnd=AFD"}]} nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} strict-transport-security: max-age=31536000 sprequestduration: 13 spiislatency: 0 x-powered-by: ASP.NET microsoftsharepointteamservices: 16.0.0.23304 x-content-type-options: nosniff x-ms-invokeapp: 1; RequireReadOnly x-cache: CONFIG_NOCACHE x-msedge-ref: Ref A: FFDEEAFE377B458FBCC9A2658192F825 Ref B: OSL30EDGE0307 Ref C: 2023-01-23T01:46:23Z date: Mon, 23 Jan 2023 01:46:22 GMT X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d5528af26e629a9bfbf0c421146b921f 1e4f99245d551384bedfe9b59b5f9905127d87bf 989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A" Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6029 Expires: Mon, 23 Jan 2023 03:26:53 GMT Date: Mon, 23 Jan 2023 01:46:24 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d5528af26e629a9bfbf0c421146b921f 1e4f99245d551384bedfe9b59b5f9905127d87bf 989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A" Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6029 Expires: Mon, 23 Jan 2023 03:26:53 GMT Date: Mon, 23 Jan 2023 01:46:24 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d5528af26e629a9bfbf0c421146b921f 1e4f99245d551384bedfe9b59b5f9905127d87bf 989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A" Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6029 Expires: Mon, 23 Jan 2023 03:26:53 GMT Date: Mon, 23 Jan 2023 01:46:24 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d5528af26e629a9bfbf0c421146b921f 1e4f99245d551384bedfe9b59b5f9905127d87bf 989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A" Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6029 Expires: Mon, 23 Jan 2023 03:26:53 GMT Date: Mon, 23 Jan 2023 01:46:24 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg	34.120.237.76	200 OK	8.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.0 kB (7982 bytes) Hash 8ec35d753b6b816abcd14030255a7b76 a67bd0fa5beb10935442bef246bf4f52ec6e74bd 9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7982 x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fKezLExAIAMFSeA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0 x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: R-9qgCHHj8iD9FEwYhzLoXAQvdrO6D6qRIWAvyQJyfB-LHDGUjvmzA== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google date: Sun, 22 Jan 2023 21:47:59 GMT age: 14305 etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg	34.120.237.76	200 OK	12 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 12 kB (11918 bytes) Hash 4cb7be12333fa7ea3353901b4b3215af 4b758cc432874384f330568177eef5a328d7e69a d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11918 x-amzn-requestid: ff47dd24-004f-4cc7-acfb-283b2e751f23 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fEqxwEyWoAMF3gw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cb580b-1e95f74b0846080f75a757f6;Sampled=0 x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:11 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ntW_cYMwX6UWInGOxxPlwnV1AJh46X-hiLvwggRz9oa1Yno6jyE51g== via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google date: Sun, 22 Jan 2023 03:16:54 GMT age: 80970 etag: "4b758cc432874384f330568177eef5a328d7e69a" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg	34.120.237.76	200 OK	6.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.6 kB (6579 bytes) Hash ecf206cacc8cdeeba5f730d98e0570b7 fe131d1a8686593034547d3a465903912abb4cc7 d85a51760a2d0a3587d5e3a876aaf689d7a2efedb3e98a408bd8b88711dc7690 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f055318-7ab9-4f4f-a005-7938c4d1d126.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6579 x-amzn-requestid: da35f55e-1e0a-4fc3-8ed7-f5b6cac11588 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fIgS0FHuIAMFX2A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cce0de-26fcfcca173b5436784cc481;Sampled=0 x-amzn-remapped-date: Sun, 22 Jan 2023 07:08:14 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 35gPIRU45VIH7rDwa1v3oWH7XEQk-KHeDe-nX5JYjydICDG7a_kBbg== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Sun, 22 Jan 2023 20:46:02 GMT age: 18022 etag: "fe131d1a8686593034547d3a465903912abb4cc7" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10822 bytes) Hash d95b4a29d3337c5c2ca7e4d31fa3a0b6 4c6d22bdc48d7011e2c875ee18876da6a8401669 23421c7f67582c927dacf52c25779e43f5196a40fb1b70467ed737c2417ba39e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10822 x-amzn-requestid: 60a33a3f-36b1-4f6e-a17b-964118a9da31 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e3AcMGeNoAMFs7A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c5e11a-7673a87f26759a1a64e4aab2;Sampled=0 x-amzn-remapped-date: Mon, 16 Jan 2023 23:43:22 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: yxOiDecizhIzCJoYi-ps_EhYJkKfIagTqM0ybgsgvdVRAgjdsSTRTQ== via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google date: Sun, 22 Jan 2023 21:44:17 GMT age: 14527 etag: "4c6d22bdc48d7011e2c875ee18876da6a8401669" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98ca818c-7a5c-4b9c-abcd-d5c3863dc494.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98ca818c-7a5c-4b9c-abcd-d5c3863dc494.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (11315 bytes) Hash 54ac06f5a4f9c73950b5d4deadcd89c5 314dedb6225295b6a297bd3926b2cb6ec26b3503 b5e70ff3468e371978f7ee5925ea134d3e4924133706e40c639f0bb801626965 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98ca818c-7a5c-4b9c-abcd-d5c3863dc494.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 11315 x-amzn-requestid: 319be6a8-4299-4604-9318-b1da6c3c36ed x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fEqzCHNtIAMF4Xw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cb5813-00f03a796ba145612651ec7b;Sampled=0 x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:19 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Xzf1m8lYtyYgMJQHz4547AYNdI8yxGbKv9NeUztnI0mLivxu3CXnoQ== via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google date: Sun, 22 Jan 2023 03:45:44 GMT age: 79240 etag: "314dedb6225295b6a297bd3926b2cb6ec26b3503" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F296d62aa-29a6-401f-a40f-9238dace1001.jpeg	34.120.237.76	200 OK	7.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F296d62aa-29a6-401f-a40f-9238dace1001.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.4 kB (7387 bytes) Hash 9c9e3df640be93567ea081ffe31576f6 fb07a0e3cfcb7f53b94f614a2e96ec1d8d5967d4 679e5a9ab43a5599759171b70ad5dbe0c4ca8facb895f08ef0313b0c7e691ea3 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F296d62aa-29a6-401f-a40f-9238dace1001.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7387 x-amzn-requestid: 54845590-a39f-4a1b-ba4a-fe24368b268a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fD7N3GmQIAMF6AQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63cb0bf2-4b4bf4fc209388b74cb1c7f7;Sampled=0 x-amzn-remapped-date: Fri, 20 Jan 2023 21:47:30 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 67ewmF74mKQGH8hoGiYfRHTaVmS0JZc4WkSHXiODoz8sirBFY5MD2w== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Sun, 22 Jan 2023 16:31:47 GMT age: 33277 etag: "fb07a0e3cfcb7f53b94f614a2e96ec1d8d5967d4" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	vitalhealthcareaus-my.sharepoint.com/_forms/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=cookie	13.107.136.9	302 Found	894 B
URL HTTP/2 vitalhealthcareaus-my.sharepoint.com/_forms/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=cookie IP 13.107.136.9:0 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (822), with CRLF line terminators Size 894 B (894 bytes) Hash 553ae1f93bd1c2516da2a70a5e55f9f3 8450458f2c8d95fe8ec35dff45977d3ba4d3c83a 89e3a7709cae342f688f05c7e6cf995ae6da05f60cca8e98593766c4ffa2c329 HTTP Headers GET /_forms/default.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=cookie HTTP/1.1 Host: vitalhealthcareaus-my.sharepoint.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: RpsContextCookie=U291cmNlPSUyRg== Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers HTTP/2 302 Found cache-control: no-cache, no-store pragma: no-cache content-length: 894 content-type: text/html; charset=utf-8 expires: -1 location: https://login.microsoftonline.com:443/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI" set-cookie: nSGt-BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0=gYEwNTQ1NTJFNDIxRDBGQ0JEQjk2MDA2MTgxRTBBNjM1NjQ2QkQ3NTBGOUI3MzA1QjM1MEJBQUQxNEVEREVGQzg2Mzc0N0M4MTQwNDVGQTYwODkxMUE3RURCM0RENkRBMjBDMBIxMzMxODkxMjU4MzkzNzg4NTEkdml0YWxoZWFsdGhjYXJlYXVzLW15LnNoYXJlcG9pbnQuY29tef+MmQCI+KYBDEuJkoAAbAe9dnDo6SnCXnukGKM18YB2NXcTRt/oxX7t5ioHfBOAj5ZOITqdkljwvdRvfEVmDQhW9wL9FOYNKnVovFD8K2oTQTDBi0kigsUPHsdu5bR1GP0cC99CKzEjPrNN2J+qlDweF/YAMYI496gu3oRLkZJ+OLK23ygzql7qKfa0dTvxhudaTsNtcXn+ccdHtqVS3zE7mv7Wl4jGTZzMjTW6jggAQsOnK3pc4gRip5NcvgTLWBoyd+Qm6qmwYFeL77nZBB41I+nR4e8QmNkzG13cLxYBJzYAl4/4wrA/2QsX8bWosZKFrWSE7kJKEe+VOAzmI5wAAAA=; expires=Mon, 23-Jan-2023 01:56:23 GMT; path=/; SameSite=None; secure; HttpOnly RpsContextCookie=U291cmNlPSUyRiZQcmV2aW91c1JlcXVlc3RDb3JyZWxhdGlvbklkPWFmZTc4ZWEwJTJEMjAxMyUyRDIwMDAlMkQwMTE3JTJEM2Y3Y2JkYjZiODlmJlJldHVyblVybD0lMkYlNUZsYXlvdXRzJTJGMTUlMkZBdXRoZW50aWNhdGUlMkVhc3B4JTNGU291cmNlJTNEJTI1MkY=; expires=Mon, 23-Jan-2023 01:56:23 GMT; path=/; SameSite=None; secure; HttpOnly x-networkstatistics: 0,525568,0,0,1364,0,28108 x-sharepointhealthscore: 1 x-aspnet-version: 4.0.30319 x-databoundary: NONE x-1dscollectorurl: https://mobile.events.data.microsoft.com/OneCollector/1.0/ x-ariacollectorurl: https://browser.pipe.aria.microsoft.com/Collector/3.0/ sprequestguid: afe78ea0-2013-2000-0117-3f7cbdb6b89f request-id: afe78ea0-2013-2000-0117-3f7cbdb6b89f ms-cv: oI7nrxMgACABFz98vba4nw.0 report-to: {"group":"network-errors","max_age":7200,"endpoints":[{"url":"https://spo.nel.measure.office.net/api/report?tenantId=6d1f5e2d-9f79-4a15-b9f5-d695f12596a2&destinationEndpoint=Edge-Prod-OSL30r4A&frontEnd=AFD"}]} nel: {"report_to":"network-errors","max_age":7200,"success_fraction":0.001,"failure_fraction":1.0} strict-transport-security: max-age=31536000 sprequestduration: 38 spiislatency: 0 include-referred-token-binding-id: true x-powered-by: ASP.NET microsoftsharepointteamservices: 16.0.0.23304 x-content-type-options: nosniff x-ms-invokeapp: 1; RequireReadOnly x-cache: CONFIG_NOCACHE x-msedge-ref: Ref A: 950E6E691F014026894108AD1E195582 Ref B: OSL30EDGE0307 Ref C: 2023-01-23T01:46:23Z date: Mon, 23 Jan 2023 01:46:23 GMT X-Firefox-Spdy: h2

	login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f	20.190.159.1	200 OK	51 kB
URL HTTP/1.1 login.microsoftonline.com/6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f IP 20.190.159.1:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24535), with CRLF, LF line terminators Size 51 kB (50567 bytes) Hash 4d0843dc298a517d6107cfd62bf73d43 1ad4f629cf6f60430a1f111c9ed5db13575e9803 28299f341a6de38ef7751ebc90a2130439e1d455a968839364e6497ff96757f1 HTTP Headers GET /6d1f5e2d-9f79-4a15-b9f5-d695f12596a2/oauth2/authorize?client%5Fid=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&response%5Fmode=form%5Fpost&response%5Ftype=code%20id%5Ftoken&resource=00000003%2D0000%2D0ff1%2Dce00%2D000000000000&scope=openid&nonce=BAAD14EDDEFC863747C814045FA608911A7EDB3DD6DA20C0%2DA8DF1D6CFF9567111FBBC57BBA87363E5EC8B8E1596B39AC431B241E820BB0BB&redirect%5Furi=https%3A%2F%2Fvitalhealthcareaus%2Dmy%2Esharepoint%2Ecom%2F%5Fforms%2Fdefault%2Easpx&state=OD0w&claims=%7B%22id%5Ftoken%22%3A%7B%22xms%5Fcc%22%3A%7B%22values%22%3A%5B%22CP1%22%5D%7D%7D%7D&wsucxt=1&cobrandid=11bd8083%2D87e0%2D41b5%2Dbb78%2D0bc43c8a8e8a&client%2Drequest%2Did=afe78ea0%2D2013%2D2000%2D0117%2D3f7cbdb6b89f HTTP/1.1 Host: login.microsoftonline.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: brcap=0; MSFPC=GUID=27491a5fca0c436896bdbf20a1588da0&HASH=2749&LV=202205&V=4&LU=1652883922743; ESTSSSOTILES=1; AADSSOTILES=1 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/1.1 200 OK Cache-Control: no-store, no-cache Pragma: no-cache Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: -1 Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000; includeSubDomains X-Content-Type-Options: nosniff X-Frame-Options: DENY Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch X-DNS-Prefetch-Control: on P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" x-ms-request-id: 51ea2aae-0a55-4b12-a4d7-b11e157b2e00 x-ms-ests-server: 2.1.14357.8 - AUELR1 ProdSlices Referrer-Policy: strict-origin-when-cross-origin X-XSS-Protection: 0 Set-Cookie: buid=0.AUIALV4fbXmfFUq59daV8SWWogMAAAAAAPEPzgAAAAAAAABCAAA.AQABAAEAAAD--DLA3VO7QrddgJg7Wevr1ZmZRyu1RhwEXyfU09C-rBOWEz063QN56DM4exRSyBiz6eps7Y2NaD-MgyMhbgI4MHKPDTlni99tjO_KmBGyqX9oIypDsfdYOvXjs3oN2tsgAA; expires=Wed, 22-Feb-2023 01:46:24 GMT; path=/; secure; HttpOnly; SameSite=None fpc=Ami3EfuUfI5OrZzEFBcaJMaSFlICAQAAAPDdX9sOAAAA; expires=Wed, 22-Feb-2023 01:46:24 GMT; path=/; secure; HttpOnly; SameSite=None esctx=PAQABAAEAAAD--DLA3VO7QrddgJg7Wevr1h0qm2NpByi5mBvJkyWCmYiWweqZo-r6dRl55C7NEMGlklVXPCEvBsCfejzZa9dPyr1BdL4Iwg93jnNoROBXHsEDiK98A7XbxGJlh0o8QYvbKpFRUwFHHbZ_1vQyX5S0Snra4KoQ7q7WZVcW6YJ1s9TePoQdxfitvCJ-h-7G6ckgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly stsservicecookie=estsfd; path=/; secure; samesite=none; httponly Date: Mon, 23 Jan 2023 01:46:24 GMT Content-Length: 50567

	aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js	13.107.238.53	200 OK	113 kB
URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text, with very long lines (64616) Size 113 kB (112662 bytes) Hash cdcc167c5323538b05d11dd1fb0262a7 ec39a502bc1509fdb9343839eda51cc46cb64c1f 6557474086918569bb179ee2cec3dcc5036ee0125cdcff4749aa79f11f783267 HTTP Headers `GET /shared/1.0/content/js/ConvergedLogin_PCore_uKA_y1fjqWvYkTaFMejIZQ2.js HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ Origin: https://login.microsoftonline.com Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 112662 content-type: application/x-javascript content-encoding: gzip content-md5: zcwWfFMjU4sF0R3R+wJipw== last-modified: Thu, 17 Nov 2022 22:31:46 GMT etag: 0x8DAC8EB82F7AC92 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: 7b608a37-001e-002f-8013-262f5f000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0e0DJYwAAAADaNrUE+CGKQahgcaURp4ljRlJBMjMxMDUwNDE4MDQ1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== x-azure-ref: 08ebNYwAAAABxx8Fa6B9LRZAPnV5u186NQ1BIMzBFREdFMDQxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 23 Jan 2023 01:46:25 GMT X-Firefox-Spdy: h2

	aadcdn.msauth.net/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js	13.107.238.53	200 OK	61 kB
URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text, with very long lines (65536), with no line terminators Size 61 kB (61054 bytes) Hash 45a8e1f0928d9b3c781473490e3952e0 8075d1c01d7a5811dbc8db6e5a66ace72580c362 fc8f6b5a4fe93401e52955c1968e843a5cc60c47e304852a291e9f31b022f3e8 HTTP Headers `GET /shared/1.0/content/js/oneDs_641b1cf809bdc17b42ab.js HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 61054 content-type: application/x-javascript content-encoding: gzip content-md5: Rajh8JKNmzx4FHNJDjlS4A== last-modified: Thu, 27 Oct 2022 14:24:13 GMT etag: 0x8DAB826EBE74413 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: c230cdc8-801e-005f-725f-2cdd5f000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 04dvJYwAAAABX++KEcDRiQ7YhP9YcNy5zRlJBMjMxMDUwNDE4MDE5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== x-azure-ref: 08ebNYwAAAAB2jw2MaTbPSr25jpV8MWqFQ1BIMzBFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 23 Jan 2023 01:46:24 GMT X-Firefox-Spdy: h2

	aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico	13.107.238.53	200 OK	17 kB
URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data Size 17 kB (17174 bytes) Hash 12e3dac858061d088023b2bd48e2fa96 e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21 HTTP Headers `GET /shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 17174 content-type: image/x-icon content-md5: EuPayFgGHQiAI7K9SOL6lg== last-modified: Sun, 18 Oct 2020 03:02:03 GMT etag: 0x8D8731230C851A6 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: b23d0492-201e-0001-015c-281c71000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0X/HIYwAAAACbTDAhF+fZQYWancYJsg8RRlJBMjMxMDUwNDE3MDMxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== x-azure-ref: 08ebNYwAAAACE/lQ7JyUMTJwTTZCxhO34Q1BIMzBFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 23 Jan 2023 01:46:24 GMT X-Firefox-Spdy: h2

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css	13.107.238.53	200 OK	20 kB
URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text, with very long lines (61177) Size 20 kB (19970 bytes) Hash f4adbf9c60a3ef95809a6008f6764d08 b55c98c403b111b494c1ece263dc06eabc0ab075 6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497 HTTP Headers `GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ X-Moz: prefetch Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 19970 content-type: text/css content-encoding: gzip content-md5: 9K2/nGCj75WAmmAI9nZNCA== last-modified: Thu, 04 Aug 2022 19:37:00 GMT etag: 0x8DA7650B37ACC3D server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: 64905f0f-c01e-000f-4803-1dbe6c000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0v6zJYwAAAAAFgzyKbNzzQoOvYXjLrB3bRlJBMjMxMDUwNDE3MDMxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== x-azure-ref: 08ebNYwAAAAAW4OZ7wtTmRrdtoBtMR0ttQ1BIMzBFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 23 Jan 2023 01:46:25 GMT X-Firefox-Spdy: h2

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_mjvophz6bqsz2cdrtomlfw2.js	13.107.238.53	200 OK	14 kB
URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_mjvophz6bqsz2cdrtomlfw2.js IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Unicode text, UTF-8 text, with very long lines (32022) Size 14 kB (13854 bytes) Hash 3d02b7c2f6d372c8f32b7d46d14651b6 917fbe497e821224f76eda2e8db81bc95257d4e2 2a97674e39df1d5918ea6388508db228b035cf874feebb2bd86363fdeb81007d HTTP Headers `GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_mjvophz6bqsz2cdrtomlfw2.js HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ X-Moz: prefetch Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 13854 content-type: application/x-javascript content-encoding: gzip content-md5: PQK3wvbTcsjzK31G0UZRtg== last-modified: Wed, 16 Nov 2022 00:33:54 GMT etag: 0x8DAC76A3E0B4BE5 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: a16b1e7c-f01e-0090-24d1-14d004000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0XpDJYwAAAAAXSe8ZGy4gQoCHfoRI36kARlJBMjMxMDUwNDE3MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== x-azure-ref: 08ebNYwAAAACMG1ZjREqrSZkQvkZPsTFhQ1BIMzBFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 23 Jan 2023 01:46:25 GMT X-Firefox-Spdy: h2

	aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js	13.107.238.53	200 OK	32 kB
URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text, with very long lines (32960) Size 32 kB (32191 bytes) Hash 5bc954c38f7abb373384bd2eef7ef6ca b2e47dadfcb3a8a3ac3eb28db47cd87337d8b8f5 86df831a580538db87d472152bbf0381b814a216cd962476deb1317cb9e4b839 HTTP Headers `GET /shared/1.0/content/js/asyncchunk/convergedlogin_pcustomizationloader_442ad4dbc9101c033d33.js HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 32191 content-type: application/x-javascript content-encoding: gzip content-md5: W8lUw496uzczhL0u7372yg== last-modified: Tue, 15 Nov 2022 20:12:19 GMT etag: 0x8DAC745B324D8CE server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: 89114703-101e-0026-6ed3-2b5c4c000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0JR7JYwAAAADgD/xodPEYTqd+iufPhDDsQU1TMDRFREdFMTgxNQAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= x-azure-ref: 08ebNYwAAAACEEi0lowEjSLDB1+UNeozxQ1BIMzBFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 23 Jan 2023 01:46:25 GMT X-Firefox-Spdy: h2

	aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg	13.107.238.53	200 OK	673 B
URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1864), with no line terminators Size 673 B (673 bytes) Hash 0e176276362b94279a4492511bfcbd98 389fe6b51f62254bb98939896b8c89ebeffe2a02 9a2c174ae45cac057822844211156a5ed293e65c5f69e1d211a7206472c5c80c HTTP Headers `GET /shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 673 content-type: image/svg+xml content-encoding: gzip content-md5: DhdidjYrlCeaRJJRG/y9mA== last-modified: Wed, 12 Feb 2020 22:01:30 GMT etag: 0x8D7B0071D86E386 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: 8911393a-101e-0026-47d3-2b5c4c000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0PgLJYwAAAAB1E8A9PcALTaWaOVzkqdOxQU1TMDRFREdFMTkxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= x-azure-ref: 08ebNYwAAAAA6cpUA02t7SYOJZ+nDy4UEQ1BIMzBFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 23 Jan 2023 01:46:25 GMT X-Firefox-Spdy: h2

	aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg	13.107.238.53	200 OK	1.4 kB
URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators Size 1.4 kB (1435 bytes) Hash 9f368bc4580fed907775f31c6b26d6cf e393a40b3e337f43057eee3de189f197ab056451 7ecbba946c099539c3d9c03f4b6804958900e5b90d48336eea7e5a2ed050fa36 HTTP Headers `GET /shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 1435 content-type: image/svg+xml content-encoding: gzip content-md5: nzaLxFgP7ZB3dfMcaybWzw== last-modified: Fri, 17 Jan 2020 19:28:38 GMT etag: 0x8D79B8373CB2849 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: b2fbd25c-f01e-0004-59c5-169b7b000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0gkDJYwAAAADZZbuqfh2XSodrTymVFDJWRlJBMjMxMDUwNDE3MDI1ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== x-azure-ref: 08ebNYwAAAAC0OtU7LQffSryMNlXfgfieQ1BIMzBFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 23 Jan 2023 01:46:25 GMT X-Firefox-Spdy: h2

	aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg	13.107.238.53	200 OK	621 B
URL HTTP/2 aadcdn.msauth.net/shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1592), with no line terminators Size 621 B (621 bytes) Hash 4761405717e938d7e7400bb15715db1e 76fed7c229d353a27db3257f5927c1eaf0ab8de9 f7ed91a1dab5bb2802a7a3b3890df4777588ccbe04903260fba83e6e64c90ddf HTTP Headers `GET /shared/1.0/content/images/signin-options_4e48046ce74f4b89d45037c90576bfac.svg HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 621 content-type: image/svg+xml content-encoding: gzip content-md5: R2FAVxfpONfnQAuxVxXbHg== last-modified: Tue, 10 Nov 2020 03:41:24 GMT etag: 0x8D8852A7FA6B761 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: eb32278d-101e-0026-77ac-265c4c000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0k07JYwAAAACM6lXnl3vnRp3DE6BLaOfORlJBMjMxMDUwNDE4MDIxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== x-azure-ref: 08ubNYwAAAABIzXd3hcqdQpm8PjNiJDhdQ1BIMzBFREdFMDQxNwAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 23 Jan 2023 01:46:25 GMT X-Firefox-Spdy: h2

	login.live.com/Me.htm?v=3	40.126.32.73	200 OK	1.1 kB
URL HTTP/1.1 login.live.com/Me.htm?v=3 IP 40.126.32.73:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type HTML document, ASCII text, with very long lines (2345), with CRLF line terminators Size 1.1 kB (1132 bytes) Hash 9c08f0f5b411918572bb176b56d4b747 12814f1ffd1c414337cfc57da7561f4386ec8b67 d9f196403747ff4bbf6c3d61c7319f51e33be05825ac3b5200665e6e5ee26c0e HTTP Headers `GET /Me.htm?v=3 HTTP/1.1 Host: login.live.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ X-Moz: prefetch Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/1.1 200 OK Cache-Control: max-age=315360000 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Expires: Thu, 20 Jan 2033 01:46:26 GMT Vary: Accept-Encoding P3P: CP="DSP CUR OTPi IND OTRi ONL FIN" Referrer-Policy: strict-origin-when-cross-origin x-ms-route-info: R3_BL2 x-ms-request-id: 7a93639d-0d27-4759-ac18-bb5ae5dd0fa7 PPServer: PPV: 30 H: BL6PPFC627C2903 V: 0 X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000 X-XSS-Protection: 1; mode=block Set-Cookie: uaid=18e414d5c78d4bde928206021e40385b; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPRequ=id=N&lt=1674438386&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly Date: Mon, 23 Jan 2023 01:46:25 GMT Content-Length: 1132

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css	13.107.238.53	200 OK	20 kB
URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type ASCII text, with very long lines (61177) Size 20 kB (19970 bytes) Hash f4adbf9c60a3ef95809a6008f6764d08 b55c98c403b111b494c1ece263dc06eabc0ab075 6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497 HTTP Headers `GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ Origin: https://login.microsoftonline.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 19970 content-type: text/css content-encoding: gzip content-md5: 9K2/nGCj75WAmmAI9nZNCA== last-modified: Thu, 04 Aug 2022 19:37:00 GMT etag: 0x8DA7650B37ACC3D server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: 64905f0f-c01e-000f-4803-1dbe6c000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0v6zJYwAAAAAFgzyKbNzzQoOvYXjLrB3bRlJBMjMxMDUwNDE3MDMxADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== x-azure-ref: 09ubNYwAAAADH7DPlZx4yT7KLPRdIHNA9Q1BIMzBFREdFMDQxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 23 Jan 2023 01:46:30 GMT X-Firefox-Spdy: h2

	aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_mjvophz6bqsz2cdrtomlfw2.js	13.107.238.53	200 OK	14 kB
URL HTTP/2 aadcdn.msauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_mjvophz6bqsz2cdrtomlfw2.js IP 13.107.238.53:0 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK File type Unicode text, UTF-8 text, with very long lines (32022) Size 14 kB (13854 bytes) Hash 3d02b7c2f6d372c8f32b7d46d14651b6 917fbe497e821224f76eda2e8db81bc95257d4e2 2a97674e39df1d5918ea6388508db228b035cf874feebb2bd86363fdeb81007d HTTP Headers `GET /ests/2.1/content/cdnbundles/ux.converged.login.strings-en.min_mjvophz6bqsz2cdrtomlfw2.js HTTP/1.1 Host: aadcdn.msauth.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://login.microsoftonline.com/ Origin: https://login.microsoftonline.com Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK cache-control: public, max-age=31536000 content-length: 13854 content-type: application/x-javascript content-encoding: gzip content-md5: PQK3wvbTcsjzK31G0UZRtg== last-modified: Wed, 16 Nov 2022 00:33:54 GMT etag: 0x8DAC76A3E0B4BE5 server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-cache: TCP_HIT x-ms-request-id: a16b1e7c-f01e-0090-24d1-14d004000000 x-ms-version: 2009-09-19 x-ms-lease-status: unlocked x-ms-blob-type: BlockBlob access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding access-control-allow-origin: * x-azure-ref-originshield: 0XpDJYwAAAAAXSe8ZGy4gQoCHfoRI36kARlJBMjMxMDUwNDE3MDM5ADM5YTEyZjdlLTg5OWYtNDZjZi1hNmQwLTI0YmJiYTI3ZDk1Ng== x-azure-ref: 09ubNYwAAAABPA5B5nCRGR4Dr9mvglp5iQ1BIMzBFREdFMDQxMgAzOWExMmY3ZS04OTlmLTQ2Y2YtYTZkMC0yNGJiYmEyN2Q5NTY= date: Mon, 23 Jan 2023 01:46:30 GMT X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML